ref: b1a25acc70f6106249ae304e0323dc9ccbaece61
parent: da04650ffb15d3a5fc4245193136c66da7616cee
author: Ori Bernstein <ori@eigenstate.org>
date: Tue Aug 2 22:57:22 EDT 2022
auth(8): specify what gets put into the environemnt with '-s' Understanding the environment is important for security critical applications.
--- a/sys/man/8/auth
+++ b/sys/man/8/auth
@@ -298,8 +298,16 @@
flag specifies a string of driver
characters to keep. The
.B -s
-flag initializes the namespace to what rc expects,
-and passes its arguments unmodified to /bin/rc.
+flag initializes the namespace to an environment which includes
+.IR /bin ,
+.IR /srv ,
+.IR /env ,
+.IR /rc ,
+adds the
+.I |d
+devices, and execs
+.IR /bin/rc ,
+passing all arguments as though rc was invoked directly.
.PP
.I As
executes
--
⑨